VYPR

Rate My Post

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-32823MedApr 24, 2024
    risk 0.34cvss 5.3epss 0.00

    Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4.

  • CVE-2024-12309MedDec 13, 2024
    risk 0.27cvss 5.3epss 0.00

    The Rate My Post – Star Rating Plugin by FeedbackWP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.4 via the get_post_status() due to missing validation on a user controlled key. This makes it possible for…

  • CVE-2022-4673Jan 23, 2023
    risk 0.00cvss epss 0.00

    The Rate my Post WordPress plugin before 3.3.9 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.

  • CVE-2022-40310Sep 23, 2022
    risk 0.00cvss epss 0.00

    Authenticated (subscriber+) Race Condition vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes.

  • CVE-2022-40671Sep 23, 2022
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress.